Meraki

Community

Dual SIM iOS device management

GWiederCBM
Just browsing
‎Apr 25 2023 12:31 PM
‎Apr 25 2023 12:31 PM

Dual SIM iOS device management

We have a couple of employees that chose to add the SIM card of their company device to their own personal device (both physically and electronically).  Therefore avoiding having to carry two phones.  They must be careful to choose which line they use for personal and work communications, but for the most part it works well.   However, in this configuration, can we implement SM MDM enrollment on the device with dual SIMs?  Will it apply to only the corporate SIM, or the whole device?

 

Has anyone else encountered this situation?

Labels:
0 Kudos
5 Replies 5
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Apr 25 2023 2:40 PM
‎Apr 25 2023 2:40 PM

I'm not 100% sure of the answer.

 

I think if you want to allow this - you might be better off using Android BYOD mode, which partitions the phone into Personal and Work containers.

https://documentation.meraki.com/SM/Deployment_Guides/Android_Enterprise_Deployment_Guide#BYOD_Enrol... 

 

In Android (at least my one), you can then assign SIM1 to the work container, and SIM2 to the Personal container.  It keeps calls, contacts and TXT messages separate from each other.

You can also turn off the work container when not working (which stops all works applications, notifications, etc).

0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Apr 25 2023 2:41 PM
‎Apr 25 2023 2:41 PM

Doh - I just saw you mentioned iOS.

 

It is my understanding that iOS does not support containers like Android, and has no way to separate work and personal calls and messages.

0 Kudos
In response to PhilipDAth
GWiederCBM
Just browsing
‎Apr 26 2023 7:34 AM
‎Apr 26 2023 7:34 AM

Correct.  Although I do have others who want to use their own personal devices and add our corporate device's SIM to their android device, we have one that has an iPhone with the dual eSIM.  I guess I'm out of luck with that one?  Either I manage their whole personal iPhone (which is probably not going to be acceptable), or I don't manage it at all, and we don't have any control over what that voice line is doing.  I guess we could also just not allow them to transfer the SIM to their device and just force them to carry the corporate android phone in addition to their personal phone.  Again, I'm not sure that solution will be acceptable to this user.

0 Kudos
In response to PhilipDAth
PaulF
Meraki Employee
Meraki Employee
‎Apr 27 2023 1:54 AM
‎Apr 27 2023 1:54 AM

Lots to unwrap here...

 

Firstly, iOS does support containerization in two ways:

1. Managed open in: Embedded within the restrictions payload is the ability to control the management of data from managed to non managed apps and accounts, and vice versa. The segmentation here is very nuanced: It's more akin to keeping personal and enterprise data separate. There's more details here: https://www.youtube.com/watch?v=fPXp6KOjj-Q

2. The second way to achieve this is by using User Enrollment, which is TRUE BYOD. 

 

So, it is possible to support BYOD with SM and iOS

 

However, Apple has yet to create capabilities that allow for true network usage rules. There are some:

 

https://support.apple.com/en-gb/guide/deployment/depd912072f4/web

 

Which SM supports, but I'm guessing that what you'd want to do is specify which bearer that you'd want corporate data to go over: If that's so, Apple doesn't support this (yet)

0 Kudos
In response to PaulF
GWiederCBM
Just browsing
‎Jun 8 2023 12:25 PM
‎Jun 8 2023 12:25 PM

Can you provide me with any links to how I can implement User Enrollment?  I'm not finding much when I search that on the site.

 

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2025 Cisco Systems, Inc.